@NightmareJoker2 If you are signing in with GitHub, you are granting access to your email and the public OAuth scope.
After signing in, if you revoke the OAuth scope, then there are a few places we check and can sign you out and destroy all of your tokens
If that is not the case, I am not sure what is happening
@kdheepak The lock means private. It isn't possible to change it after creation in the UI, https://gitlab.com/gitlab-org/gitter/webapp/issues/676
I can update it for you now though
@kdheepak Was the repo previously private, https://github.com/NREL/ditto ?
The room might of been created back when it was private but now that it is public, anyone can access the repoand therefore can join the room
@MadLittleMods I am messing with the grant flow, such that email access is never approved. This has never caused me problems before. All it does is give you
null or non-presence of the field in all API responses containing the account email. It properly signs me in just fine, when I do this (after all, I wouldn't be talking here otherwise, right?). The problem I seem to have, is that I can't keep multiple sign-in sessions alive.
The code you linked to does not even make any attempt to use the email address, you shouldn't ask for it in the first place, if you don't need it (you never do, users should opt-in to any services which would use it, and be able to provide a different one).
Also, I may add: Don't use a web view in your application for the authorization flow, doing so defeats the OAuth flow trust training, that should have users learn not to enter their account credentials (username/email + password) in third-party applications. Send them to their web browser instead, and return them to a small web server running locally in your application to pass the authorization code with the refresh token grant. Though this tool being in all reasonable cases a notable exception, users typically do not know how to verify that an application isn't tampering with the login prompt, and rarely bother even, if they can, nor check for unnecessary permission grants and the like.
@marek094 There isn't a way to point the mobile apps at your local version and the mobile apps aren't open source yet.
You can point the desktop client at your local instance via these CLI parameters, https://gitlab.com/gitlab-org/gitter/desktop/#cli-parameters
@TallTed Known but not tracked well
The future is probably less embeds, https://gitlab.com/gitlab-org/gitter/webapp/issues/1399